System and method to use a cloud-based platform supported by an API to authenticate remote users and to provide PKI- and PMI- based distributed locking of content and distributed unlocking of protected content

US 9,843,450 B2
Filed: 08/03/2017
Issued: 12/12/2017
Est. Priority Date: 04/30/2010
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a computer user in a computer network, the computer network including an entity computer, a platform server, a user computer and an application programming interface (API) for communication between the entity computer and the platform server, the method comprising:

sending an invitation message from the entity computer to the API for authenticating an identity of a user of the user computer, the invitation message including a first public key of the entity computer and a secret question with an answer;

receiving and translating by the API the invitation message and sending the translated invitation message including the first public key to the platform server;

preparing an invitation response by the platform server and sending the invitation response to the API;

receiving and translating the invitation response by the API and sending the translated invitation response to the entity computer;

preparing a first message including a link and a unique code by the entity computer and sending the first message to the user computer;

receiving the first message, registering with the platform server utilizing the link and the unique code, and generating a second public key, by the user computer;

sending the secret question to the user computer by the platform server;

receiving a correct answer to the secret from the user computer;

receiving the second public key by the platform server;

authenticating the identity of the user of the user computer based on the received correct answer; and

receiving the first public key from the platform server, by the user computer, after said authentication of the identity of user of the user computer;

preparing a second message by the platform server including the second public key and transmitting the second message to the entity computer via the API; and

establishing a secure communication line between the entity computer and the user computer, utilizing the first public key and the second public key, whereinsaid secure communication line is authenticated using a certificate received from a certificate authority.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System and method for authenticating a computer user includes: sending an invitation message from an entity computer to an API for authenticating a user of a user computer; receiving and translating by the API the invitation message and sending the translated invitation message including the first public key to the platform server; sending an invitation response to the API to be translated and sending the translated invitation response to the entity computer; preparing a first message including a link and a unique code by the entity computer and sending the first message to the user computer; registering with the platform server utilizing the link and the unique code, and generating a second public key, by the user computer; receiving a correct answer to the secret from the user computer; receiving the second public key by the platform server; and authenticating the user based on the received correct answer.

Citations

10 Claims

1. A method for authenticating a computer user in a computer network, the computer network including an entity computer, a platform server, a user computer and an application programming interface (API) for communication between the entity computer and the platform server, the method comprising:
- sending an invitation message from the entity computer to the API for authenticating an identity of a user of the user computer, the invitation message including a first public key of the entity computer and a secret question with an answer;
  
  receiving and translating by the API the invitation message and sending the translated invitation message including the first public key to the platform server;
  
  preparing an invitation response by the platform server and sending the invitation response to the API;
  
  receiving and translating the invitation response by the API and sending the translated invitation response to the entity computer;
  
  preparing a first message including a link and a unique code by the entity computer and sending the first message to the user computer;
  
  receiving the first message, registering with the platform server utilizing the link and the unique code, and generating a second public key, by the user computer;
  
  sending the secret question to the user computer by the platform server;
  
  receiving a correct answer to the secret from the user computer;
  
  receiving the second public key by the platform server;
  
  authenticating the identity of the user of the user computer based on the received correct answer; and
  
  receiving the first public key from the platform server, by the user computer, after said authentication of the identity of user of the user computer;
  
  preparing a second message by the platform server including the second public key and transmitting the second message to the entity computer via the API; and
  
  establishing a secure communication line between the entity computer and the user computer, utilizing the first public key and the second public key, whereinsaid secure communication line is authenticated using a certificate received from a certificate authority.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein said platform server includes a public key infrastructure system.
  - 3. The method of claim 1, wherein the user computer utilizes security or cryptographic functions of the platform server to establish the secure communication line.
  - 4. The method of claim 1, wherein the user computer invokes a digital signature generation key pair and at least one of key establishment key pair, encryption-decryption key pair, or digital signature verification to authenticate the identity of the user of the user computer and establish the secure communication line.
  - 5. The method of claim 1, further comprising delivering secure content from the entity computer to the user computer.

6. A system for authenticating a computer user in a computer network comprising:
- a control computer coupled to the computer network for executing an application programming interface (API);
  
  a user computer coupled to the computer network;
  
  an entity computer coupled to the computer network for sending an invitation message to the API for authenticating an identity of a user of the user computer, the invitation message including a first public key of the entity computer and a secret question with an answer; and
  
  a platform server coupled to the computer network for providing security or public key infrastructure functions, wherein the API receives and translates the invitation message and sends the translated invitation message including the first public key to the platform server, whereinthe platform server prepares an invitation response and sends the invitation response to the API, whereinthe API receives and translates the invitation response and sends the translated invitation response to the entity computer, whereinthe entity computer prepares a first message including a link and a unique code by and sends the first message to the user computer, whereinthe user computer receives the first message, registers with the platform server utilizing the link and the unique code, and generates a second public key, and whereinthe platform server sends the secret question to the user computer and receives a correct answer to the secret and the second public key from the user computer, and authenticates the identity of the user of the user computer based on the received correct answer, whereinthe user computer receives the first public key from the platform server, after said authentication of the identity of user of the user computer, wherein the platform server prepares a second message including the second public key and transmits the second message to the entity computer via the API and establishes a secure communication line between the entity computer and the user computer, utilizing the first public key and the second public key, and whereinsaid secure communication line is authenticated using a certificate received from a certificate authority.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6, wherein said platform server includes a public key infrastructure system.
  - 8. The system of claim 6, wherein the user computer utilizes security or cryptographic functions of the platform server to establish the secure communication line.
  - 9. The system of claim 6, wherein the user computer invokes a digital signature generation key pair and at least one of key establishment key pair, encryption-decryption key pair, digital signature verification or digital identity token to authenticate the identity of the user of the user computer and establish the secure communication line.
  - 10. The system of claim 6, wherein the entity computer delivers secure content to the user computer via the established secure communication line.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Central, Inc.
Original Assignee
T-Central, Inc.
Inventors
Kravitz, David W., Graham, III, Donald Houston, Boudett, Josselyn L., Dietz, Russell S.
Primary Examiner(s)
Mehrmanesh, Amir

Application Number

US15/668,598
Publication Number

US 20170331633A1
Time in Patent Office

131 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

H04L 9/006   involving public key infras...

H04L 9/0822   using key encryption key

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

System and method to use a cloud-based platform supported by an API to authenticate remote users and to provide PKI- and PMI- based distributed locking of content and distributed unlocking of protected content

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

System and method to use a cloud-based platform supported by an API to authenticate remote users and to provide PKI- and PMI- based distributed locking of content and distributed unlocking of protected content

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links